Zero Trust architecture is rapidly becoming the primary approach for securing networks and applications for security and information technology leaders. Its updated principles focus on protecting critical assets while eliminating implicit trust. Traditional security concepts assume trust, which creates the possibility of loopholes. A Zero Trust approach implements the features and functionality of existing products and solutions that are already in the network, as well as existing products and solutions that are not yet in the network.
according to report According to Cybersecurity Insiders and Fortra, some of the biggest drives toward Zero Trust are related to protecting a company’s sensitive data from potential breaches, leaks, and theft. As organizations aim to strengthen their security posture with a model like Zero Trust, it is important to understand the following: how Existing systems will complement and integrate the Zero Trust model, specifically the voice network and 5G core.
Core pillars of zero trust
Zero Trust architecture uses Zero Trust principles to plan industrial and enterprise infrastructure and workflows. It works on a “never trust, always verify” approach. This means that no implicit trust is granted to assets or user accounts based solely on physical or network location or ownership of the assets.
Regulatory bodies such as the Cybersecurity and Infrastructure Security Agency (CISA) provide guardrail Clarify your Zero Trust model to ensure the best approach. As defined by CISA, the five pillars that define a Zero Trust architecture are identity, network, application workloads, data, and devices. These five pillars are built on a foundation of visibility and analytics.
- identity – When managing users in your network, identity is the first and most important area to protect. Multi-factor authentication, continuous authentication, biometrics, and even privileged access management are all ways to manage the identities and personas trying to access your data.
- Network and environment – Networks (including connected networks) should be considered borderless. The Zero Trust approach assumes that your network has no boundaries. Security is then applied across the network using techniques such as macro-segmentation, micro-segmentation, and software-defined networking.
- Application workload – It is important to start with a secure development process for your application workloads. Continuous monitoring, software risk management, and secure supply chain management are also areas to consider.
- data – The goal is to protect data within the network. Tactics such as data labeling and tagging, encryption (at rest and in transit), access control, and constant monitoring are examples of things that can be used to protect data within your network.
- device – All devices attempting to access data must be carefully monitored. To manage the devices that access your data, you should use mobile device management (MDM), patch management, device discovery and compliance, and endpoint detection and response.
Information technology (IT) governance must also be considered in the context of achieving a zero trust architecture. Using this information, IT organizations can make ongoing efforts to ensure that a Zero Trust mindset is maintained in application development, data usage, and the systems used to enforce these policies. Identify the value of specific employee training.
Applying Zero Trust to Voice Networks and 5G Core
voice network
Applying Zero Trust architecture as a voice network concept can be particularly challenging due to the unique requirements imposed by Voice-as-a-Service, especially in the context of telephony. When looking for voice services and solutions, whether the ecosystem is on-premises or cloud-based, consider using solutions that are designed with zero trust in mind and have multi-vendor compatibility. Authentication and authorization are required capabilities for both users and their devices to ensure that all voice traffic is encrypted throughout its lifecycle.
The biggest hurdle in applying Zero Trust principles to external voice network services is how to interact with voice network services outside the organization, and it is impossible to directly control these external components. However, the strength of the Zero Trust mindset is the premise that no user, device, or network can be trusted, and enforcing it is paramount to securing an organization’s voice services.
One of the best approaches to this lack of end-to-end control is to focus on the voice call itself. Analytics solutions can solve this challenge by dynamically learning user and device characteristics from the behaviors exhibited in voice calls.
5G core
In the context of 5G core network management, there are two main areas to consider regarding Zero Trust principles. It is the interaction between operators and network functions (NFs) and between NFs. In both cases, authentication, authorization, and accounting functions must be enriched with context data to determine whether a particular configuration or communication needs to occur. Operators and NF instances must have unique identities that are verified on every interaction, both have least privileged access depending on their required roles, and all data storage and transfer must be encrypted. there is.
Maturing to a Zero Trust Architecture
As enterprises move to a Zero Trust architecture within their networks, they approach implementation through three phases: Traditional, Modern, and Optimized. Each of these phases allows for further levels of maturity. In the traditional phase, configurations and policies are managed manually, with automation gradually built in as the company continues through the implementation process. This step-by-step approach allows companies to plan, implement basic principles, and move toward a more secure implementation.
As companies progress through the maturity model, they will look to vendors to help them understand how to move to Zero Trust using the capabilities of their existing products and systems. However, businesses must keep in mind that Zero Trust requires a real mindset shift within the organization. Zero Trust is not a product or solution and cannot be purchased. Zero trust is also about people, making sure all employees understand the concept and the downsides of implicit trust.
